<?php
session_start();
include("conn.php");
$email = empty($_REQUEST['email'])?"null":$_REQUEST['email'];
$password = $_REQUEST['passwords'];
if($email == "null"){
	header("Refresh:1;url=index.html");
	die("请输入邮箱");
}

//执行sql查询数据库中$email对应的password
$sql = "select * from admin where email='{$email}' and password='{$password}'";
$result =  mysqli_query($conn, $sql);
if( mysqli_num_rows($result)>0 ){
	//转成关联数组，因为这里确定只有一条记录，所以不用while循环
	$arr = mysqli_fetch_assoc($result);
	// var_dump($arr);
	if($arr['password'] == $password){
		//说明是正确用户
		$_SESSION["stats"] = md5($email);
		$_SESSION["nickname"] = $arr["nickname"];
		// echo $email."<br>";
		// echo $_SESSION["stats"];
		echo "<script>alert('登录成功！')</script>";
		header("Refresh:1;url=index.php");

	}else{
		echo "<script>alert('账户或密码错误，请重新输入！')</script>";
        header("Refresh:1;url=index.html");
		// die("密码错误");
	}

}else{
	//echo "该邮箱没有注册";
	echo "<script>alert('该邮箱没有注册')</script>";
	header("Refresh:1;url=sign-up1.php");
}

mysqli_close($conn);
?>